Encryption

1
Encryption

• Preliminaries
• Conventional cryptosystem DES
• Public-key cryptosystem RSA

2
Modular operation

• (mod m) a (mod m) gt taking the remainder when
  dividing a by m
• Example 5 (mod 3) 2
• Also written as 5 ? 2 (mod 3) gt setting 3 to 0
• a (mod m) r for some q, a ? q? m r where 0
  ? r lt m gt -a q ? m - rFor r ? 0, -a
  q ? m m m ? r -a (q1) ? m m ? r
  where 0 ? m? r lt mExample (-7) (mod 4) (4-3)
  (mod 4) 1 (mod 4)

3
Properties of modular operation

• (a b) (mod m) (a (mod m) b (mod m)) (mod m)
• a ? b (mod m) (a (mod m) ? b (mod m)) (mod m)
• Example5 ? 5 ? 5 (mod 3) 2 ? 2 ? 2 (mod 3)250
  ? (210)5 (mod 3) ? (2525)5 (mod 3) ?(2 ? 2)5
  (mod 3) ?15 (mod 3) ? 1 (mod 3)

4
Caesar cipher (3 (mod 26) as cyclic shifting
substitution)

• The 26 letters and space in plaintext are
  represented by 0 1 ... 25. The ciphertext is
  obtained by plaintext3 (mod 27)

• For example for plaintext TO BE OR NOT
  TO BE ZEROthe ciphertext WR EH RU QRW WR
  EH CHUR

5
Elementary number theory

• For integers a, b and c, if c a? b, we say a
  divides c (or c is divisible by a), denoted as a
  c, or b is a factor (or divisor) of a.
• If b is not a factor of a, a c.
• A positive integer, n gt 1, is (a) prime if n is
  only divisible by 1 and itself, namely, no other
  positive integer divides n except 1 and n itself
  otherwise n is (a) composite.

6
Positive integers and primes

• Positive integers 1, primes, composites
• If a positive integer n is composite, one of its
  factors must be smaller than or equal to
• The Sieve of Eratosthenes is based on this
  property to find primes for an integer n, check
  all factors smaller than or equal to ,
  and delete composites.

7
The Sieve of Eratosthenes an example

• Known primes 2, 3, 5.

Flash movie

• The remaining numbers smaller than 25 are all
  primes.
• The 168 primes less than 1000 will produce all
  primes less than 1000000.

8
Greatest common divisor and Euclid's algorithm

• If d a and d b, d is then a common divisor of
  a and b.
• Division algorithm if a ? b gt 0, then a q b
  r where 0? rlt b. Furthermore, r is unique. (q
  quotient r remainder)
• The largest common divisor of a and b is the
  greatest common divisor, denoted gcd (a , b) d
  (a, b) d is also used

9
Euclid's algorithm

• The greatest common divisor of two integers can
  be efficiently computed by Euclid's algorithm.
  Euclid's algorithm also helps find two integers
  k1 and k2 such that d k1a k2b.
• Given agtbgt1, their greatest common divisor can be
  computed by an iterative application of the
  division algorithm. r1a, r2b, riqi2 ri1
  ri2 0 lt ri2 lt ri1 for i0,1... until
  rk0gcd(a,b)r k-1

10
The extended Euclid's algorithm

• Given a gt b gt 1 and b a,
• Step 0 set k1(-1) 1, k2(-1) 0, n1(0) a,
  n2(0) b, i -1 (x y means assigning y to
  x
• Step 1 i i 1, n1(i) q(i)n2(i) r2(i)
• Step 2 if r(i) ? 0, n1( i 1) n2( i ), n2(
  i 1) r( i ), k1( i 1) k1( i ? 1) ?
  q(i)k1(i), k2( i 1) k2( i ? 1) ? q(i)k2(i),
  goto step 1.
• Step 3 output gcd(a, b) k1(i)a k2(i)b stop

11
The extended Euclid's algorithm(table form)
12
The extended Euclid's algorithm example
k(i)k(i-2)-k(i-1)q(i-1)
i-2
i-1
i
13
Relatively prime, totient ? function

• Two integers, a and b, are relatively prime if
  and only if gcd(a,b) 1
• Eulers totient ? function Given n?1, ?(n) is
  defined to be the number of nonnegative integers
  a ? n such that gcd (a,n) 1
• If p is a prime, ? (p) p ? 1
• If gcd (a,b) 1, ? (a? b) ? (a) ? (b).
• For two primes p and q ? (p? q) (p-1)(q-1).

14
Exponentials are easy

• squaring and multiplying
• To compute ab,
• Step1 Convert b to binary b (blbl -1 ? ? ?
  b0)2 where bl ? 0
• Step 2 set c 1, e a and i 0.
• Step 3 if bi ? 0, set c c ? e e e ? e
• Step 4 i i 1 if i? l, goto (3)
• Step 5 Output c as ab

15
Exponentials are easy example

• Calculate
• 6(110)2
• Squaring
• Multiplying 56 625 ? 25 15625

16
Eulers theorem

• If gcd (a,n) 1, then a ? (n) ? 1 (mod n)
• Fermats little theorem If p is a prime not
  dividing a, ap-1 ? 1 (mod p)
• Example a3, n35 ? (35)4x624 324 1 (mod
  35)

17
Encryption - terminology

• Cryptology (kryptos "hidden" and logos
  word") cryptography and cryptanalysis
• Cryptography To modify the message so as to make
  it unintelligible to anyone but the intended
  recipient.
• Cryptographer One who designs (or uses) the
  system (the good guy)
• Cryptanalyst One who tries to "break" the system
  (the bad guy)

18
Encryption - terminology

• Plaintext P message (cleartext)
• Ciphertext C encrypted message (cryptogram,
  cryptotext)
• Key K which controls how the message is
  encrypted

19
One-key (symmetric) cryptosystem

• CEK(P)
• PDK(C)
• Mechanical analogy one key lock
• The system is "broken" if cryptanalyst deduces
  the secret key K, or deduces the deciphering
  algorithm DK and is able to do this almost every
  time he tries.

Ek(P)
Dk(C)
insecure channel
P
P
K
Alice
Bob
secure channel may be not in real-ime
20
Cryptography as an art before Shannon old ciphers

• Caesar cipher shift 3 C PK (mod 26) with K3
• The Playfair cipher 25 letters (IJ) are
  arranged in a 5 x 5 square, starting with the
  key. Plaintext may be encrypted in pair

21
Cryptography as an art before Shannon old ciphers

• The Veginère cipher C P K where C, P and
  K are sequences of letters.

• Deciphering (recovering message) PC - K

22
Cipher types

• Substitution (confusion)
• Transposition (diffusion) Plaintext HELL
  OMZWCiphertext LLEH WZMO
• Shannon (1949)
• Theoretical secrecy
• Practical secrecy confusion and diffusion

23
Perfect cryptosystem

• An unbreakable cryptosystem does exist. The "one
  time pad" (the random key sequence is used only
  once) is unbreakable. However, the one time pad
  requires enormous amounts of key when large
  amounts of plaintext are to be sent. This makes
  the system impractical in all but few situations.

P plaintext
C ciphertext
K key Completely random and used only one time
The one-time pad A perfect cryptosystem
24
Modern cryptosystems

• Conventional (one key, symmetrical, classical)
  cryptosystems designed based on confusion and
  diffusion suggested by Shannon
• Public key (two key, asymmetrical) cryptosystem
  designed based on difficult mathematical problems
  No secure channel required for transfer of
  secrets

25
Public key cryptosystem (PKC)

• Each user has a key-pair Kand K
• Kis made public
• Another user uses K to encrypt message intended
  for the owner of K
• The owner of Kuses K (only known to him) to
  decrypt the ciphertext

26
The Data Encryption Standard (DES)

• Used widely all over the world
• Standard Building Blocks (SBB) are used to
  transform its 64 bits input to 64 bits output

64 bit input cleartext
64 bit ciphertext
DES
56bit key
27
SBB in DES

• SBB as a transformationL' R, R' L f(K, R)
  ( bitwise modulo-2)
• Subkeys used in each SBB are obtained from the
  key schedule. Expansion (E), nonlinear S box (S)
  and permutation (P) are all public known.
• Decryption can be carried out by using the
  subkeys in reverse order but with the same
  algorithm. RL, LR'? f(K, R)
• Similar encryption algorithms FEAL, LOKI, IDEA,
  CS-Cipher.

28
The Rivest-Shamir-Adleman (RSA) PKC

• The security of RSA is based on the belief that
  there is no fast way of factoring numbers that
  are the product of two large primes.
• Find two 'large' primes p and q and define n
  pq, obtain m ?(n) (p-1)(q-1)
• Find a random integer d such that gcd (d,m) 1
• Find by Euclid's algorithm the unique integer e
  (1? e? n) 1e dm k or e d ? 1 (mod m)
• Make known the public key, which consists of the
  pair of integers (e, n)

29
The Rivest-Shamir-Adleman (RSA) PKC

• Encryption of a plaintext P C ? Pe (mod n).
• Decryption by using the private key d
  P ? Cd (mod n).
• Cd (mod n) ? (Pe) d ? P 1m k
  ? P (Pm)k ?P (P? (n) ) k ? P (mod
  n) by Eulers theorem P? (n) ?1 (mod n)
• m should be kept secret.
• For an interesting exhaustive search attempt to
  break cryptosystems refer to www.distributed.net

30
RSA Example

• p 47, q 59, so that n p q 2773.
• m (p q)(p-1)(q-1)46x582668
• d 157, (gcd(d, m) 1) results in e 17
• Space 00, A 01,? ? ?, Z 26
• The message "ITS ALL GREEK TO ME" is represented
  as P 0920 1900 0112 1200 0718 0505 1100 2015
  0013
• P1 0920 will be enciphered as C1 92017 948
  (mod 2773)
• The deciphering works, 948157 920 (mod 2773)